U.S. State Privacy Laws: The Often-Overlooked Security Requirements
IAPP Privacy. Security. Risk. 2023.
IAPP Privacy. Security. Risk. 2023.
Marriott Marquis San Diego Marina
San Diego, California
RegisterCompanies are hard at work coming into compliance with various state privacy laws, including those of California, Virginia, Colorado, Utah, Connecticut, Tennessee, and others. But companies need to also pay attention to these laws’ various cybersecurity requirements, which may be overlooked. This panel will provide an inventory of the cybersecurity requirements of these upcoming laws, a holistic overview of the laws’ obligations taken together, and practical advice for mitigating harm and litigation exposure in response to a data breach. For instance, companies must develop security safeguards, comply with regulatory reporting obligations, conduct privacy assessments, and review and update their service provider requirements. This panel will also help the audience prepare their information security departments and data breach response teams to be ready for the new cybersecurity requirements of these laws.
Panelists:
Kristen Mathews, CIPP/US, Partner, Privacy + Data Security Practice Group, Morrison Foerster
Noga Rosenthal, CIPP/E, CIPP/US, CPO, General Counsel, Ampersand
Regions